Abstract— Web Servers are core components within the networking industry and as such, the need for security for these critical elements is tremendous. Thus, a Web Application Firewall is deployed to protect the web server against possible vectors of attack. The Web Application Firewall is focused on the 7th layer; The Application layer of the OSI Model. Access Controls are implemented by using Access Control Lists as its rules to allow or reject traffic. The use of iptables userspace application (A part of the Linux kernel) is used to queue the packets at the kernel level and to direct the packets to go through the WAF first before it enters into the web server. The thorough inspection of the packets and the decision making for packets are done in the kernel level. All accepted packets are forwarded to the user level where the web server is running. The Web Application Firewall is able to compare the Access Control List, which is configured by the administrator through any text editor, against the incoming HTTP packets from the traffic before it reaches the web server itself. The algorithm used to compare the payload of the packet is simply pattern checking with the use of regular expressions. The testing results are proof on how accurate the Web Application Firewall is in detecting and rejecting different types of attacks in accordance of the top 10 web application attacks from OWASP.

Index Terms— Access control, firewalls, layer 7 information, web server.

Alexander Endraca, Bryan Genesis King, George Nodalo, and Maricone Sta. Maria are with the College of Computer Studies, De La Salle University- Manila (email: endraca.alex@gmail.com, bryan_genesis_king@yahoo.com, george_nodalo@dlsu.ph, maricone.stamaria@yahoo.com).

Cite: Alexander Endraca, Bryan King, George Nodalo, Maricone Sta. Maria, and Isaac Sabas, " Web Application Fi rewall (W AF)," International Journal of e-Education, e-Business, e-Management and e-Learning vol. 3, no. 6, pp. 451-455, 2013.